> > I have another question.
> > Now that I have authentication via pam working, I don't want the
> superusername
> > and password in /etc/shadow used for proxy authentication.
> > How can I restrict access so that "root" cannot
> > be used for proxy authentication.
>
>The best method is to use a PAM module that restricts root logins from
>Squid.
>
>But you can also wrap pam_auth in a filter which denies certain
>usernames from login before asking PAM..
Thank you for your information. Please let me know where I can obtain
such a PAM module....if it exists. Also, how do I go about wrapping
pam_auth in a filter?
Kristina
> > Is using the ACL list with an IDENT server the only way?
> > Is using the IDENT server a good idea?
>
>Not relevant to your question. IDENT is a completely different method
>for the proxy to identity the user.
>
>--
>Henrik Nordstrom
>Squid hacker
Received on Tue Mar 27 2001 - 19:36:37 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:59:00 MST